Dual Stack VTI IPsec Setup Issues
Hello! I'm new to strongswan but not IPsec tunnels. I am looking to setup a vti between pfSense and an Ubuntu 20 server that to run OSPFv2 and v3 on (dual stack). I've got the tunnel up and OSPFv2 running just fine but I'm having an issue with the v6 side of the tunnel in that no v6 traffic will pass. I setup OSPFv3 and I can see hello messages making it from pfSense to Ubuntu with tcpdump and I can see Ubuntu responding but it's not making it back to pfSense. I also tried setting up static routes on either side of the tunnel with similar success. Thanks in advance!
conn pfVltrA keyexchange=ikev2 authby=secret leftupdown="/var/lib/strongswan/ipsec-vti.sh 0 192.168.255.233/30 192.168.255.234/30" left=x.x.x.x leftid=x.x.x.x leftsubnet=0.0.0.0/0,::/0 right=y.y.y.y rightid=y.y.y.y rightsubnet=0.0.0.0/0,::/0 auto=start mark=32 dpdaction=restart ike=aes128-sha256-modp2048 esp=aes128-sha256-modp2048